Yusuf On SecuritySecurity news, opinion and advice

Speed versus security versus cost

Cyber security is the act of having a safeguard or countermeasures in order to mitigate a potential risk. When I talk to clients who are looking at improving their security posture I often remind them that they need to strike a balance between security, cost and speed of the products they are looking at purchasing. They should also take what they are protecting into consideration. After all, the vertical you are in dictates your security tolerance level. In my opening statement I used the word ”mitigate’. Mitigation means bringing the overall risk level to an acceptable level. A financial institution such as a bank, a government agency with a national secrete or a small corner shop with few machines and very little data won’t have the same appeal to the crooks. The bad guys will go after the juicy high end target with a big return of investment rather than wasting time on a victim where there is not a lot to make of.

Procuring a cheap product might not give you the security level you deserve. Conversely if you want a premium security solution you won’t get it at a cheap price. Do not think of a solution with lightning speed, cheap and secure because it does not exist!

You should purchase the right products that fit your need and protect your environment but at the right cost. Know the value of you asset, data and what you are trying to protect.

Join the discussion

Further reading

What will it take?

A great piece on what it will take to improve the safety of the connected world. Read it here.

Extended detection and response (XDR)

Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable...

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called...

Recent podcasts